Demisto Content Release Notes for version 18.5.1 (8902)

@asafshen released this 02 May 13:41

Published on 2 May 2018

Integrations

2 New Integrations
  • Centreon
    Centreon is a network, system, and application supervision and monitoring tool. The integration provides monitoring enrichment context for hosts and applications.
  • EasyVista
    EasyVista enables you to manage the entire process of designing, managing, and delivering IT services. With the integration, you can obtain a list of incidents and requests, such as service, change, investment, and more.
6 Improved Integrations
  • RSA NetWitness Packets and Logs
    Improved parameter descriptions.
  • Threat Grid
    The threat-grid-get-html-report-by-id command displays the report as a file in the War Room.
  • McAfee ePO
    Enhanced War Room result formatting for epo-commands (fixed the epo-commands issue from version 18.5.0).
  • FireEye iSIGHT
    Fixed the timestamp in request headers, which in some cases resulted in failed authentication.
  • Okta
    Added system log commands.
  • Preempt
    Rephrased error messages and edited context outputs.

Scripts

4 New Scripts
  • AquatoneDiscover
    Locates a target's nameservers and shuffles DNS lookups between them.
  • IndicatorMaliciousRatioCalculation
    Returned indicators appear in resolved incidents and resolved incident IDs.
  • TimeStampToDate (Transformer)
    Converts the UNIX Epoch timestamp to a simplified extended ISO format string. Use it to convert a timestamp to the Demisto date field.
  • WhereFieldEquals (Transformer)
    Returns all items from the list where the item's 'field' attribute is equal to the 'equalTo' argument.
2 Improved Scripts
  • Urlscan.io
    Encoded the URL parameters for the submit-url command.
  • Ping
    Added Ping results as output and removed the verbose argument. This change breaks backward compatibility; best practice is to use outputs over context and raw-response=true for verbose results.

New Incident Layouts

  • Incident type 'Access'
    Default Incident Summary and Create/Edit Incident layouts.

New Classification & Mapping

SplunkPy classification and mapping for 'Access' incident type. Using the layout and mappings, users can handle Access incident type notables from Splunk ES.